Get started today—Download the FREE template and customize it to fit the needs of your organization.
An employee’s personal data may include their social security number, emergency contact information, address, home phone number, interview notes, publicly available information, and other personal information collected by their employer and related parties.
These policies set privacy expectations for employees, notify them of their rights regarding the information collected, and inform them of the processes they can take to access and correct their personal information.
Employers create these policies to comply with all applicable workplace privacy regulations. For example, businesses that are subject to the General Data Protection Regulation (GDPR) must have a policy regarding the collection, use, and disclosure of personal information.
An employee monitoring policy (workplace monitoring policy) will also disclose what data is being collected by the software, in what context the use or disclosure of the collected data will occur, the security measures that are in place to protect the data, and the business purposes for the data.
How to Make a Workplace Monitoring Policy [Free Template]
What is Personal Information?
Disclosing the means that your company uses to collect employee personal data is just as important as disclosing the information that will be collected.
Once that data is collected it must also be securely stored and protected against unauthorized use or disclosure. The cybersecurity practices your company takes to protect employee data must be proportional to the risks associated with the misuse of that data.
Ways that data can be collected include
Depending on the privacy legislation in your company’s (or employee’s) jurisdiction you may need to create multiple unique policies. Data privacy legislation such as the EU’s GDPR and The California Consumer Privacy Act (CCPA) have their own privacy practices that must be adhered to by your company.
Generally speaking a company should only keep personal data for as long as they have legitimate business purposes for it. Once the data is no longer required it should be disposed of per applicable legislative requirements.
In your policy your company should disclose how long the collection, use, and disclosure of data will occur and the circumstances that will lead to its disposal.
Employees should be provided access to their own data where feasible or otherwise required of your company. They should be provided with a point of contact that can assist them with accessing the data and making any necessary corrections.
If you will be using employee monitoring software to track computer activity in your company you can use a similar policy to disclose your intent to monitor, the types of monitoring conducted, and what privacy rights your employees have.
Want to start monitoring employee computer activity? Get started today with a FREE trial of BrowseReporter, CurrentWare’s employee monitoring software.